diff options
author | Raphael Geissert <atomo64@gmail.com> | 2014-01-23 09:59:57 +0000 |
---|---|---|
committer | Raphael Geissert <atomo64@gmail.com> | 2014-01-23 09:59:57 +0000 |
commit | 7aada91d83956565495d7a227c3f73de1c6019fa (patch) | |
tree | 832a0a7d099cec1102075c8c12b2242f0d5845ac | |
parent | 1a7add0f515a9b256c64e145aa48e92665613782 (diff) |
A few more items for the agenda
git-svn-id: svn+ssh://svn.debian.org/svn/secure-testing@25333 e39458fd-73e7-0310-bf30-c45bca0a0e42
-rw-r--r-- | data/CVE/list | 2 | ||||
-rw-r--r-- | org/agenda-2014.txt | 15 |
2 files changed, 16 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index f1e6e92f9a..636720f0d8 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -10689,7 +10689,7 @@ CVE-2013-4216 (The Trace_OpenLogFile function in ...) CVE-2013-4215 [IPXPING_COMMAND uses fixed location in /tmp] RESERVED - nagios-plugins <unfixed> (unimportant) - NOTE: vulnerable code present, but check_ipxping not build and installed + NOTE: vulnerable code present, but check_ipxping is neither built nor installed CVE-2013-4214 (rss-newsfeed.php in Nagios Core 3.4.4, 3.5.1, and earlier, when ...) - nagios3 3.5.1-1 (low; bug #719056) [wheezy] - nagios3 <no-dsa> (Minor issue) diff --git a/org/agenda-2014.txt b/org/agenda-2014.txt index 787c112e7d..9bd49d1c68 100644 --- a/org/agenda-2014.txt +++ b/org/agenda-2014.txt @@ -50,6 +50,13 @@ Tracker - Support for consistency checks on source package names, e.g linux-2.6/linux or all of the ruby packages +- Version consistency checks, like an issue being marked as fixed in x.z and + not affecting stable, yet stable has x.y. + +- Keeping information about older, archived, releases? related to the above + point about consistency checks on source package names: should be possible + to say a package was renamed from foo to bar. + Infrastructure ============== @@ -75,6 +82,10 @@ Others - Compile a list of problemtic packages in jessie for the release team + + What to do with OpenJDK? best-effort + dropping icedtea-web? + Ubuntu is also questioning the support: + https://lists.ubuntu.com/archives/ubuntu-devel/2014-January/037991.html + Distribution hardening ====================== @@ -90,6 +101,8 @@ Distribution hardening - hidepid by default + - heap protection experiment for some packages? (e.g. mcheck) + - mount flags and default partitioning - default open ports @@ -98,6 +111,8 @@ Distribution hardening - Require fs.protected_symlinks? (enabled by default in Wheezy, kfreebsd doesn't support it) +- Disabling rare codecs/stuff by default. + LTS === |